Posted on January 7, 2019 at 5:26 PM
Hacking attacks that have marked 2017 and 2018 continue in the new year as well, and according to reports, they seem to be becoming more and more dangerous. The newest hacking incident occurred in Australia after the attacker managed to breach the country’s EWN (Early Warning Network).
This is a system used by the local, federal, and state governments to alert citizens to various emergencies. It contains a large database, filled with contact information which includes home phone numbers, mobile phone numbers, as well as email addresses.
The attacker managed to breach the system’s defenses and briefly take control. After that, the hacker sent direct messages and emails to tens of thousands of Australian citizens. The message states: “EWN has been hacked. Your personal data is not safe. Trying to fix the security issues. Email firstname.lastname@example.org if you wish to unsubscribe. ewn.com.au ASX AER.”
As a result, many Australians decided to do just that, and have emailed the address, stating that they want to cancel their subscriptions to the service.
According to reports, the breach occurred at an unspecified time on Saturday, with the messages being sent soon after the hacker gained control. As shown in the message, the hacker also sent a link of a website that supposedly provides customer support. It is currently unclear whether or not this had anything to do with an attempted phishing attack, but the EWN did confirm that the attacker is based in Australia as well.
Kerry Plowright, the managing director of the company, stated that there is a high likelihood that the goal of the breach was to damage the business. He also stated that the attack was possible due to compromised login information. However, Mr. Plowright strongly denied that anyone’s personal data was compromised. According to him, the hacker’s message was false in that regard.
This was likely not a phishing attack
Despite the breach, the company did not shut down the system during the intrusion. It is now believed that this decision may have affected additional warning systems. According to Dave Lacey, who runs IDCARE, a significant number of the system’s users were affected.
Lacey also stated that these attacks are frequent and that they occur whenever a hacker finds a vulnerability in the systems’ security. The breach is likely to have significant consequences for EWN since its usefulness depends on the trust of Australian citizens.
It is also highly unusual that the hackers’ message contained a link to the company’s real website. Typically, whenever a similar attack occurs, the hackers are more likely to include a link to a false site that looks like the original. They would also urge users to log into their accounts and address some kind of issue. When the user attempts to log in, the hacker records their login credentials, which can then be sold or misused in another way. This is known as a phishing attack, which is a type of attack often used by scammers.
Lacey added that attacks like this one damage businesses’ reputations, while simultaneously they have a goal of extorting large amounts of money. However, the EWN staff managed to notice the attack and disrupt it relatively quickly. As a result, a large number of service users dod not receive the message. Even so, many were still affected.
Despite the message, the EWN continues to claim that no personal data was compromised and that all of the data held within the database is “white pages” information. The company chooses not to store any other info about its customers, or anyone else. With that in mind, they can only assume that the hacker’s goal was to try and damage the company’s reputation.